Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/zJf6fOoR96AzY3WrphkG0_TGIjQ.roa
File: zJf6fOoR96AzY3WrphkG0_TGIjQ.roa (raw, json)
Hash identifier: 6SZfpExu11cpDDRKWY/0MRuxiU69GC8pXt/n5xWZ0SA=
Subject key identifier: CC:97:FA:7C:EA:11:F7:A0:33:63:75:AB:A6:19:06:D3:F4:C6:22:34
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 018B1DC907325C9EF1BFEEB26AA81C4CB329
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/zJf6fOoR96AzY3WrphkG0_TGIjQ.roa
Signing time: Wed 11 Oct 2023 08:09:55 +0000
ROA not before: Wed 11 Oct 2023 08:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39600
IP address blocks: 85.237.72.0/22 maxlen: 24
85.237.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 12:15:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:c9:07:32:5c:9e:f1:bf:ee:b2:6a:a8:1c:4c:b3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Oct 11 08:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc97fa7cea11f7a0336375aba61906d3f4c62234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:b0:03:ec:c8:2e:bb:99:87:c3:8b:8a:e9:
b7:3f:24:29:45:a2:16:2b:20:07:ba:25:7a:e9:d1:
60:13:44:8d:3a:25:e1:12:bf:9a:79:be:49:24:da:
ca:79:cb:76:67:41:11:62:9e:80:7d:8f:df:19:07:
d6:f1:6a:ff:7a:b6:00:2e:ee:fa:c2:20:f4:aa:79:
b1:6d:b3:2e:f7:fe:8a:ed:23:17:a5:55:80:d2:41:
8a:59:a7:36:ec:6f:9e:d7:ef:27:80:25:ab:6b:60:
f4:44:1f:5e:4a:1a:51:1d:7b:a5:2e:6f:06:4a:d5:
67:b8:22:5d:38:71:6e:2d:77:47:a0:13:39:2c:a0:
80:d6:f6:43:b9:56:c7:7e:60:b8:ae:f4:f0:b9:76:
e8:b6:2d:ad:70:21:34:27:6b:97:9b:f8:d2:f6:2a:
77:e5:ed:77:a1:71:94:15:13:80:12:5d:b9:57:83:
cb:cf:38:89:c1:2c:38:c2:80:7c:54:84:1c:d3:54:
dd:df:96:d5:02:ed:2d:4b:10:fc:09:29:b0:90:32:
fc:c7:e6:ba:ae:e6:96:d1:a8:f8:18:e5:af:f9:5c:
70:fa:db:36:a0:28:cd:46:67:2c:2c:69:8c:e0:f3:
a3:1c:bc:8a:84:55:a5:ec:ee:1f:ab:7b:2e:83:ab:
a3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:97:FA:7C:EA:11:F7:A0:33:63:75:AB:A6:19:06:D3:F4:C6:22:34
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/zJf6fOoR96AzY3WrphkG0_TGIjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/22
85.237.80.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:8d:73:7a:bc:ef:48:0a:af:e7:09:a1:76:dd:64:1d:72:8f:
ec:df:7b:af:ca:48:ed:5f:49:95:29:4c:64:38:30:d8:07:28:
b0:53:86:b6:73:e2:7d:aa:f3:77:24:61:5b:47:d3:dc:72:fb:
a3:39:b6:94:63:9f:8b:35:67:61:be:8c:d2:b8:50:de:2b:f8:
8e:d1:9c:53:bb:49:d3:72:f8:90:b1:d4:ba:c6:ba:92:37:62:
e7:0f:91:73:d5:96:2b:0d:b9:e0:1d:39:6c:53:d6:43:f4:4b:
ed:56:51:3c:46:50:50:b6:d6:f6:ba:9f:e0:c5:b2:e9:0a:0a:
32:37:9a:26:8e:c7:4a:a5:03:bd:30:f9:70:2a:b5:49:32:a2:
c3:ee:9d:f1:b9:37:7d:e3:57:bb:15:98:fe:dd:d8:ba:f3:6b:
1a:81:6e:df:b9:58:ac:ab:65:67:de:6c:f2:4d:43:d8:b1:f2:
b8:3c:ad:aa:ab:9d:82:3c:fc:e3:2b:b2:81:1b:cb:fa:85:61:
f3:07:c8:a8:be:f2:cd:e6:f9:07:50:65:ed:1d:98:9b:b1:c9:
de:dd:6a:5e:53:cf:b8:54:6c:36:78:75:e3:85:0d:e8:bf:80:
2b:56:bf:56:b4:45:44:78:63:a4:8e:e8:08:7c:3a:6e:58:18:
3f:f5:22:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsdyQcyXJ7xv+6yaqgcTLMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMxMDExMDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzk3ZmE3Y2VhMTFmN2EwMzM2Mzc1YWJhNjE5MDZkM2Y0YzYyMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSKwA+zILruZh8OLium3PyQpRaIW
KyAHuiV66dFgE0SNOiXhEr+aeb5JJNrKect2Z0ERYp6AfY/fGQfW8Wr/erYALu76
wiD0qnmxbbMu9/6K7SMXpVWA0kGKWac27G+e1+8ngCWra2D0RB9eShpRHXulLm8G
StVnuCJdOHFuLXdHoBM5LKCA1vZDuVbHfmC4rvTwuXboti2tcCE0J2uXm/jS9ip3
5e13oXGUFROAEl25V4PLzziJwSw4woB8VIQc01Td35bVAu0tSxD8CSmwkDL8x+a6
ruaW0aj4GOWv+Vxw+ts2oCjNRmcsLGmM4POjHLyKhFWl7O4fq3sug6ujkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyX+nzqEfegM2N1q6YZBtP0xiI0MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvekpmNmZPb1I5NkF6WTNXcnBoa0cwX1RHSWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe1IAwQC
Ve1QMA0GCSqGSIb3DQEBCwUAA4IBAQCPjXN6vO9ICq/nCaF23WQdco/s33uvykjt
X0mVKUxkODDYByiwU4a2c+J9qvN3JGFbR9PccvujObaUY5+LNWdhvozSuFDeK/iO
0ZxTu0nTcviQsdS6xrqSN2LnD5Fz1ZYrDbngHTlsU9ZD9EvtVlE8RlBQttb2up/g
xbLpCgoyN5omjsdKpQO9MPlwKrVJMqLD7p3xuTd941e7FZj+3di682sagW7fuVis
q2Vn3mzyTUPYsfK4PK2qq52CPPzjK7KBG8v6hWHzB8iovvLN5vkHUGXtHZibscne
3WpeU8+4VGw2eHXjhQ3ov4ArVr9WtEVEeGOkjugIfDpuWBg/9SLT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org